More is Less: Perfectly Secure Oblivious Algorithms in the Multi-Server Setting

The problem of Oblivious RAM (ORAM) has traditionally been studied in a single-server setting, but more recently the multi-server setting has also been considered. Yet it is still unclear whether the multi-server setting has any inherent advantages, e.g., whether the multi-server setting can be used to achieve stronger security goals or provably better efficiency than is possible in the single-server case. In this work, we construct a perfectly secure 3-server ORAM scheme that outperforms the best known single-server scheme by a logarithmic factor. In the process, we also show, for the first time, that there exist specific algorithms for which multiple servers can overcome known lower bounds in the single-server setting.Comment: 36 pages, Accepted in Asiacrypt 201

Representations of an integer by some quaternary and octonary quadratic forms

In this paper we consider certain quaternary quadratic forms and octonary quadratic forms and by using the theory of modular forms, we find formulae for the number of representations of a positive integer by these quadratic forms.Comment: 20 pages, 4 tables. arXiv admin note: text overlap with arXiv:1607.0380

Perfectly Secure Oblivious RAM with Sublinear Bandwidth Overhead

Oblivious RAM (ORAM) has established itself as a fundamental cryptographic building block. Understanding which bandwidth overheads are possible under which assumptions has been the topic of a vast amount of previous works. In this work, we focus on perfectly secure ORAM and we present the first construction with sublinear bandwidth overhead in the worst-case. All prior constructions with perfect security require linear communication overhead in the worst-case and only achieve sublinear bandwidth overheads in the amortized sense. We present a fundamentally new approach for construction ORAM and our results significantly advance our understanding of what is possible with perfect security. Our main construction, Lookahead ORAM, is perfectly secure, has a worst-case bandwidth overhead of $\mathcal{O}(\sqrt{n})$, and a total storage cost of $\mathcal{O}(n)$ on the server-side, where $n$ is the maximum number of stored data elements. In terms of concrete server-side storage costs, our construction has the smallest storage overhead among all perfectly and statistically secure ORAMs and is only a factor 3 worse than the most storage efficient computationally secure ORAM. Assuming a client-side position map, our construction is the first, among all ORAMs with worst-case sublinear overhead, that allows for a $\mathcal{O}(1)$ online bandwidth overhead without server-side computation. Along the way, we construct a conceptually extremely simple statistically secure ORAM with a worst-case bandwidth overhead of $\mathcal{O}(\sqrt{n}\frac{\log{n}}{\log{\log{n}}})$, which may be of independent interest

Rab3D is critical for secretory granule maturation in PC12 cells.

Neuropeptide- and hormone-containing secretory granules (SGs) are synthesized at the trans-Golgi network (TGN) as immature secretory granules (ISGs) and complete their maturation in the F-actin-rich cell cortex. This maturation process is characterized by acidification-dependent processing of cargo proteins, condensation of the SG matrix and removal of membrane and proteins not destined to mature secretory granules (MSGs). Here we addressed a potential role of Rab3 isoforms in these maturation steps by expressing their nucleotide-binding deficient mutants in PC12 cells. Our data show that the presence of Rab3D(N135I) decreases the restriction of maturing SGs to the F-actin-rich cell cortex, blocks the removal of the endoprotease furin from SGs and impedes the processing of the luminal SG protein secretogranin II. This strongly suggests that Rab3D is implicated in the subcellular localization and maturation of ISGs

Lower Bounds for Multi-Server Oblivious RAMs

In this work, we consider the construction of oblivious RAMs (ORAM) in a setting with multiple servers and the adversary may corrupt a subset of the servers. We present an $\Omega(\log n)$ overhead lower bound for any $k$-server ORAM that limits any PPT adversary to distinguishing advantage at most $1/4k$ when only one server is corrupted. In other words, if one insists on negligible distinguishing advantage, then multi-server ORAMs cannot be faster than single-server ORAMs even with polynomially many servers of which only one unknown server is corrupted. Our results apply to ORAMs that may err with probability at most $1/128$ as well as scenarios where the adversary corrupts larger subsets of servers. We also extend our lower bounds to other important data structures including oblivious stacks, queues, deques, priority queues and search trees

Decentralizing Inner-Product Functional Encryption

International audienceMulti-client functional encryption (MCFE) is a more flexible variant of functional encryption whose functional decryption involves multiple ciphertexts from different parties. Each party holds a different secret key and can independently and adaptively be corrupted by the adversary. We present two compilers for MCFE schemes for the inner-product functionality, both of which support encryption labels. Our first compiler transforms any scheme with a special key-derivation property into a decentralized scheme, as defined by Chotard et al. (ASIACRYPT 2018), thus allowing for a simple distributed way of generating functional decryption keys without a trusted party. Our second compiler allows to lift an unnatural restriction present in existing (decentralized) MCFE schemes, which requires the adversary to ask for a ciphertext from each party. We apply our compilers to the works of Abdalla et al. (CRYPTO 2018) and Chotard et al. (ASIACRYPT 2018) to obtain schemes with hitherto unachieved properties. From Abdalla et al., we obtain instantiations of DMCFE schemes in the standard model (from DDH, Paillier, or LWE) but without labels. From Chotard et al., we obtain a DMCFE scheme with labels still in the random oracle model, but without pairings

Re-examination of siRNA specificity questions role of PICH and Tao1 in the spindle checkpoint and identifies Mad2 as a sensitive target for small RNAs

The DNA-dependent adenosine triphosphatase (ATPase) Plk1-interacting checkpoint helicase (PICH) has recently been implicated in spindle checkpoint (SAC) signaling (Baumann et al., Cell 128(1):101–114, 2007). Depletion of PICH by siRNA abolished the SAC and resulted in an apparently selective loss of Mad2 from kinetochores, suggesting a role for PICH in the regulation of the Mad1–Mad2 interaction. An apparent rescue of SAC functionality by overexpression of PICH in PICH-depleted cells initially seemed to confirm a role for PICH in the SAC. However, we have subsequently discovered that all PICH-directed siRNA oligonucleotides that abolish the SAC also reduce Mad2 mRNA and protein expression. This reduction is functionally significant, as PICH siRNA does not abolish SAC activity in a cell line that harbors a bacterial artificial chromosome driving the expression of murine Mad2. Moreover, we identified several siRNA duplexes that effectively deplete PICH but do not significantly affect SAC functionality or Mad2 abundance or localization. Finally, we discovered that the ability of overexpressed PICH to restore SAC activity in PICH-depleted cells depends on sequestration of the mitotic kinase Plk1 rather than ATPase activity of PICH, pointing to an underlying mechanism of “bypass suppression.” In support of this view, depletion or inhibition of Plk1 also rescued SAC activity in cells harboring low levels of Mad2. This observation suggests that a reduction of Plk1 activity partially compensates for reduced Mad2 levels and argues that Plk1 normally reduces the strength of SAC signaling. Collectively, our results question the role of PICH in the SAC and instead identify Mad2 as a sensitive off target for small RNA duplexes. In support of the latter conclusion, our evidence suggests that an off-target effect on Mad2 may also contribute to explain the apparent role of the Tao1 kinase in SAC signaling (Draviam et al., Nat Cell Biol 9(5):556–564, 2007)

Cytokinesis in bloodstream stage Trypanosoma brucei requires a family of katanins and spastin

Microtubule severing enzymes regulate microtubule dynamics in a wide range of organisms and are implicated in important cell cycle processes such as mitotic spindle assembly and disassembly, chromosome movement and cytokinesis. Here we explore the function of several microtubule severing enzyme homologues, the katanins (KAT80, KAT60a, KAT60b and KAT60c), spastin (SPA) and fidgetin (FID) in the bloodstream stage of the African trypanosome parasite, Trypanosoma brucei. The trypanosome cytoskeleton is microtubule based and remains assembled throughout the cell cycle, necessitating its remodelling during cytokinesis. Using RNA interference to deplete individual proteins, we show that the trypanosome katanin and spastin homologues are non-redundant and essential for bloodstream form proliferation. Further, cell cycle analysis revealed that these proteins play essential but discrete roles in cytokinesis. The KAT60 proteins each appear to be important during the early stages of cytokinesis, while downregulation of KAT80 specifically inhibited furrow ingression and SPA depletion prevented completion of abscission. In contrast, RNA interference of FID did not result in any discernible effects. We propose that the stable microtubule cytoskeleton of T. brucei necessitates the coordinated action of a family of katanins and spastin to bring about the cytoskeletal remodelling necessary to complete cell divisio